Job Responsibilities:
- Serves as team leader and mentor, defining and driving goals and performance for the SOC
- Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats
- Maintain awareness of trends in security regulatory, technology, and operational requirements
- Oversight, planning and execution of any required vulnerability audits, penetration tests or forensic IT audits or related investigations. Ensure that any findings are fed into projects improving overall IT Security.
- Mentor and guide SOC Analysts and perform knowledge transfer to other teams as required
- Responsible for security analysis, administration and remediation procedures, workflows and tasks
- Evaluate existing SIEM rules, filters, events and use cases and adapt to meet the business requirements
- Work with outside teams in the development of a comprehensive set of operational security policies and standards designed to permit the organization to achieve its business objectives while effectively managing our security and compliance requirements, including PCI and SOX goals.
- Assist in implementation of new SOC tools and applications and processes
Required Qualifications – Education, Skills & Experience:
- 3+ years managing a security operations center
- 3+ years incident response and managing significant incidents
- 5+ years working within the information security field, with emphasis on security operations, incident management, and security event analysis
- In-depth familiarity with security policies based on industry standards and best practices
- Working knowledge of SIEM & EDR technologies
- Incident management process development and incident management experience
- Ability to lead and communicate efficiently within a team environment
Preferred Qualifications – Education, Skills & Experience:
- Experience in designing and building security operations centers
- Experience in OT/IoT/ICS/SCADA environments
- Professional certifications to include CISSP, GIAC, GCIH